132.148.150.21

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	WordPress brute force	2019-08-18 10:20:04

Comments on same subnet:

IP	Type	Details	Datetime
132.148.150.158	attackbotsspam	Automatic report - XMLRPC Attack	2019-12-16 22:20:23
132.148.150.158	attackspam	Automatic report - XMLRPC Attack	2019-11-28 21:06:53
132.148.150.158	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-25 16:44:47
132.148.150.158	attackspam	WordPress wp-login brute force :: 132.148.150.158 0.128 BYPASS [24/Oct/2019:19:55:51 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-24 18:37:11
132.148.150.158	attackbotsspam	Automatic report - XMLRPC Attack	2019-10-19 22:46:58
132.148.150.158	attackbots	wp bruteforce	2019-10-14 14:30:42
132.148.150.158	attackbots	WordPress wp-login brute force :: 132.148.150.158 0.052 BYPASS [13/Oct/2019:06:50:27 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-13 05:49:55
132.148.150.158	attack	132.148.150.158 - - [12/Oct/2019:05:02:36 +0200] "POST /wp-login.php HTTP/1.1" 200 2111 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.150.158 - - [12/Oct/2019:05:02:37 +0200] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-12 11:14:41
132.148.150.158	attackbots	132.148.150.158 - - [11/Oct/2019:20:58:27 +0200] "POST /wp-login.php HTTP/1.1" 200 2111 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.150.158 - - [11/Oct/2019:20:58:28 +0200] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-12 02:59:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.150.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60160
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.150.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081503 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 16 10:59:33 CST 2019
;; MSG SIZE  rcvd: 118

Host info

21.150.148.132.in-addr.arpa domain name pointer ip-132-148-150-21.ip.secureserver.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
21.150.148.132.in-addr.arpa	name = ip-132-148-150-21.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.66.220.54	attackspambots	2019-09-16 07:19:55 1i9jQY-0008Uh-GG SMTP connection from ppp-94-66-220-54.home.otenet.gr \[94.66.220.54\]:55381 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 07:20:00 1i9jQd-0008Uv-Kt SMTP connection from ppp-94-66-220-54.home.otenet.gr \[94.66.220.54\]:46727 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 07:20:03 1i9jQg-00004t-P2 SMTP connection from ppp-94-66-220-54.home.otenet.gr \[94.66.220.54\]:60332 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2019-10-24 20:34:33
94.63.93.168	attackspambots	2019-01-19 17:37:49 1gktcy-0005zV-5W SMTP connection from 168.93.63.94.rev.vodafone.pt \[94.63.93.168\]:13111 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-01-19 17:38:05 1gktdC-000601-Rg SMTP connection from 168.93.63.94.rev.vodafone.pt \[94.63.93.168\]:43234 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-01-19 17:38:17 1gktdO-00060Q-TV SMTP connection from 168.93.63.94.rev.vodafone.pt \[94.63.93.168\]:43334 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-02-26 18:28:05 H=168.93.63.94.rev.vodafone.pt \[94.63.93.168\]:37319 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-26 18:28:18 H=168.93.63.94.rev.vodafone.pt \[94.63.93.168\]:32578 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-26 18:28:23 H=168.93.63.94.rev.vodafone.pt \[94.63.93.168\]:32658 I=\[193.107.88.166\]:25 F=\ rejected RCPT \	2019-10-24 20:38:51
94.66.220.36	attackspambots	2019-04-01 15:18:59 1hAwq2-0001mH-U5 SMTP connection from ppp-94-66-220-36.home.otenet.gr \[94.66.220.36\]:65265 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-01 15:19:29 1hAwqX-0001nD-1L SMTP connection from ppp-94-66-220-36.home.otenet.gr \[94.66.220.36\]:36963 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-01 15:19:48 1hAwqq-0001nf-5u SMTP connection from ppp-94-66-220-36.home.otenet.gr \[94.66.220.36\]:43035 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2019-10-24 20:36:21
206.189.122.133	attack	Automatic report - Banned IP Access	2019-10-24 20:28:51
94.49.143.142	attackspambots	2019-07-08 02:55:36 1hkHwN-0007YJ-LQ SMTP connection from \(\[94.49.143.142\]\) \[94.49.143.142\]:24791 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 02:55:41 1hkHwS-0007YO-O6 SMTP connection from \(\[94.49.143.142\]\) \[94.49.143.142\]:24864 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 02:55:45 1hkHwX-0007YU-A0 SMTP connection from \(\[94.49.143.142\]\) \[94.49.143.142\]:24894 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2019-10-24 21:01:08
94.63.82.123	attackspam	2019-01-26 22:15:09 H=123.82.63.94.rev.vodafone.pt \[94.63.82.123\]:48648 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-26 22:15:50 H=123.82.63.94.rev.vodafone.pt \[94.63.82.123\]:48998 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-26 22:16:15 H=123.82.63.94.rev.vodafone.pt \[94.63.82.123\]:49212 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2019-10-24 20:40:07
81.22.45.116	attackbots	Oct 24 13:54:39 mc1 kernel: \[3204423.363284\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=34006 PROTO=TCP SPT=56953 DPT=25631 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 13:54:59 mc1 kernel: \[3204443.352962\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=59516 PROTO=TCP SPT=56953 DPT=25505 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 13:59:49 mc1 kernel: \[3204732.805287\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=64689 PROTO=TCP SPT=56953 DPT=25734 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-24 20:24:47
45.136.108.12	attackspam	RDP Bruteforce	2019-10-24 20:32:58
94.40.74.200	attackspam	2018-12-02 14:05:10 1gTRQs-00044h-9w SMTP connection from 94-40-74-200.tktelekom.pl \[94.40.74.200\]:26794 I=\[193.107.88.166\]:25 closed by DROP in ACL 2018-12-02 14:05:54 1gTRRZ-00045x-P3 SMTP connection from 94-40-74-200.tktelekom.pl \[94.40.74.200\]:27124 I=\[193.107.88.166\]:25 closed by DROP in ACL 2018-12-02 14:06:12 1gTRRs-00046K-Cq SMTP connection from 94-40-74-200.tktelekom.pl \[94.40.74.200\]:27298 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2019-10-24 21:03:53
127.0.0.1	attack	Test Connectivity	2019-10-24 20:48:33
51.68.126.45	attackspam	Oct 24 08:35:59 ny01 sshd[21228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.126.45 Oct 24 08:36:01 ny01 sshd[21228]: Failed password for invalid user sets from 51.68.126.45 port 11087 ssh2 Oct 24 08:40:30 ny01 sshd[21598]: Failed password for root from 51.68.126.45 port 30897 ssh2	2019-10-24 20:54:33
94.61.100.138	attackbotsspam	2019-01-25 11:24:01 H=138.100.61.94.rev.vodafone.pt \[94.61.100.138\]:49760 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-25 11:24:20 H=138.100.61.94.rev.vodafone.pt \[94.61.100.138\]:58319 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-25 11:24:30 H=138.100.61.94.rev.vodafone.pt \[94.61.100.138\]:10144 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2019-10-24 20:51:14
89.248.160.193	attackspam	Port scan: Attack repeated for 24 hours	2019-10-24 20:51:28
94.63.2.144	attackbots	2019-01-19 00:03:43 1gkdAp-0007Sf-Ai SMTP connection from 144.2.63.94.rev.vodafone.pt \[94.63.2.144\]:34321 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-01-19 00:04:24 1gkdBU-0007Tj-8G SMTP connection from 144.2.63.94.rev.vodafone.pt \[94.63.2.144\]:43782 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-01-19 00:04:46 1gkdBr-0007UW-9T SMTP connection from 144.2.63.94.rev.vodafone.pt \[94.63.2.144\]:43888 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2019-10-24 20:47:58
222.185.98.165	attackspam	Oct 24 07:59:19 esmtp postfix/smtpd[23027]: lost connection after AUTH from unknown[222.185.98.165] Oct 24 07:59:29 esmtp postfix/smtpd[22962]: lost connection after AUTH from unknown[222.185.98.165] Oct 24 07:59:31 esmtp postfix/smtpd[22974]: lost connection after AUTH from unknown[222.185.98.165] Oct 24 07:59:32 esmtp postfix/smtpd[22962]: lost connection after AUTH from unknown[222.185.98.165] Oct 24 07:59:35 esmtp postfix/smtpd[22974]: lost connection after AUTH from unknown[222.185.98.165] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=222.185.98.165	2019-10-24 20:43:34

Recently Reported IPs

212.124.188.174	191.209.54.227	182.34.223.53	119.28.29.169
104.126.35.38	251.167.139.1	24.171.107.110	116.95.228.41
176.221.48.230	123.133.254.21	27.129.236.159	201.178.66.21
198.71.224.63	92.97.214.151	144.7.187.169	133.153.79.98
83.64.47.188	103.75.166.94	136.220.141.188	227.29.189.52